Hello i found a bug in googlechrome browser by accident at first i thought this is a http bug. but when i reported this to many site @hackerone.com they told me their site is not the one that cause this its the browser.. 

This attack is kinday tricky because millions of http website is at risk..

Attack type: reflected XSS
vulnerable sites: http site that has the url like this "site.com"
not vulnerable: https://site.com, www.site.com etc


how to perform this attack first check a target like this example:

site.com
put the payload javascript:alert(0). front of the site
it will look like this javascript:alert(0).site.com
the tricky part is you cannot use this as a copy paste attack instead you need to manual type the javascript payload in front of the url but first you need to load the site first before you inject the payload..


actually i was advise to report it because millions of http site is at risk because of this... 


hope to hear from your side


for POC kindly check this youtube video (this is the one i reported to uber because they launched a bug bounty program)

https://www.youtube.com/watch?v=sE_EvyRD7kA


best regards,
evez